The self-proclaimed leader of international hacking group Lulz Security has been arrested by AFP – Australian Federal Police – on the New South Wales central coast. The AFP says the 24-year-old man was arrested in the Gosford suburb of Point Clare yesterday.

He has been charged with two counts of unauthorised modification of data to cause impairment and one count of unauthorised access to a restricted computer system. The AFP says he claims to be in charge of Lulz Security, or LulzSec, which has previously claimed responsibility for high-profile hacking attacks, includinga DDS attack that took the CIA website offline, and a hack which caused some serious headaches for Sony Corp.

UPDATE! 24 April 2013: Aush0k has been named as Mathew Flannery – aush0k@live.com – The hacking community is in serious doubt at claims that the man is the leader of the now defunct online activist group LulzSec.

Concerns have also been raised by IT security experts over the Flannery’s employment at Content Security, a business that specialises in online security. The company denied that Flannery had access to any sensitive customer data, in a statement Content Security’s managing director Phil Wurth said ” Flannery was a low level support tech.”

To Date there doesn’t seem to be any evidence at all to suggest that Flannery was even affiliated with LulzSec, or is a leader of the group. Infact the group was disbanded in 2011 because it’s members were arrested.

Flannery seems so far to be all bluster, his Facebook page declares he works for the FBI as a “Special Agent, cybercrime intelligence unit.”

His LinkedIn page has him working for Tenable Network Security – the company denies this emphatically – he also claims to work in Network Security, Penetration Testing and Computer Forensics, though his [confirmed] employer say he works in a Call Centre as low level support.

Perhaps more telling is that the hacktivist community has almost unanimously ditched any notion that Flannery had anything to do with LulzSec :: Read the full article »»»»

That hub of corporate social networking, LinkedIn is investigating claims that over 6 million of its users’ passwords were leaked onto the internet. Linkedin, which has over 150 million users, is designed to allow professionals to share resume details and network with one like minded corporates.

Hackers have reportedly posted a file containing encrypted passwords onto a Russian web forum. The company has confirmed the leak and says it is currently looking into the reports.

Linkedin Statement: We want to provide you with an update on this morning’s reports of stolen passwords. We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts. We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts :: Read the full article »»»»

Litchfield exposes one last Oracle security bug before walking away from his database battles

Virginaia: In 2001, Larry Ellison brashly proclaimed in a keynote speech at the computing conference Comdex that his database software was “unbreakable.”

“You have this ideal vision of doing something for the greater good,” said David Litchfield, managing director of Next Generation Security Software Ltd. of London, who acknowledged that a small bit of his code might have been used in the attack. “I will probably no longer publish such code.” David Litchfield viaThe Washington Post

David Litchfield has devoted the last nine years to making the Oracle chief executive regret that marketing stunt. At the Black Hat security conference Tuesday afternoon, Litchfield unveiled a new bug in Oracle’s 11G database software, a critical, unpatched vulnerability that would allow a hacker to take control of an Oracle database and access or modify information at any security level.

“Anything that God can do on that database, you can do” Litchfield

The problem lies in the PLSQL Gateway, a component of the Oracle Internet Application Server, the Oracle Application Server and the Oracle HTTP Server, he said in an e-mail to the BugTraq mailing list :: Read the full article »»»»

The four co-founders of Sweden’s file-sharing website Pirate Bay: http://thepiratebay.org found guilty, This won’t be the end of the story…

April 2009 might turn out to be the cruelest month for those who like their movies, music and games free of charge. On Friday, two weeks after Sweden imposed a new law banning online piracy, the four founders of Swedish file-sharing Web site The Pirate Bay were found guilty of breaching copyright and sentenced to a year in jail.

The Swedish court also asked the four, whose average age is 34, to pay 31 million Swedish kronor ($3.7 million) in compensation to copyright holders, which was still some way off the $16.0 million in total sought by companies including Vivendi, Time Warner and Sony. But trade association IFPI, or the International Federation of the Phonographic Industry, claimed the decision was a big victory for the media industry, which has been bedeviled by the wealth of files shared free of charge on sites such as The Pirate Bay.

“You’ve got a very clear ruling that says: The Pirate Bay is illegal in Sweden,” said a spokesman for the IFPI on Friday. Although he admitted that the ruling did not mean the Web site would be shut down, and that the defendants’ decision to appeal meant that the verdict was not yet final, he said that it was a big deterrent against other Web sites and a springboard for other legal steps that could be taken :: Read the full article »»»»